mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-25 19:45:44 +01:00
Revert "Forbid passing NULL input buffers to RSA encryption routines"
Resolve incompatibilties in the RSA module where changes made for
parameter validation prevent Mbed Crypto from working. Mbed Crypto
depends on being able to pass zero-length buffers that are NULL to RSA
encryption functions.
This reverts commit 2f660d047d
.
This commit is contained in:
parent
02f39ace58
commit
fb236739da
@ -601,7 +601,8 @@ int mbedtls_rsa_private( mbedtls_rsa_context *ctx,
|
|||||||
* #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE (deprecated).
|
* #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE (deprecated).
|
||||||
* \param ilen The length of the plaintext in Bytes.
|
* \param ilen The length of the plaintext in Bytes.
|
||||||
* \param input The input data to encrypt. This must be a readable
|
* \param input The input data to encrypt. This must be a readable
|
||||||
* buffer of size \p ilen Bytes. This must not be \c NULL.
|
* buffer of size \p ilen Bytes. It may be \c NULL if
|
||||||
|
* `ilen == 0`.
|
||||||
* \param output The output buffer. This must be a writable buffer
|
* \param output The output buffer. This must be a writable buffer
|
||||||
* of length \c ctx->len Bytes. For example, \c 256 Bytes
|
* of length \c ctx->len Bytes. For example, \c 256 Bytes
|
||||||
* for an 2048-bit RSA modulus.
|
* for an 2048-bit RSA modulus.
|
||||||
@ -641,7 +642,8 @@ int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx,
|
|||||||
* #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE (deprecated).
|
* #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE (deprecated).
|
||||||
* \param ilen The length of the plaintext in Bytes.
|
* \param ilen The length of the plaintext in Bytes.
|
||||||
* \param input The input data to encrypt. This must be a readable
|
* \param input The input data to encrypt. This must be a readable
|
||||||
* buffer of size \p ilen Bytes. This must not be \c NULL.
|
* buffer of size \p ilen Bytes. It may be \c NULL if
|
||||||
|
* `ilen == 0`.
|
||||||
* \param output The output buffer. This must be a writable buffer
|
* \param output The output buffer. This must be a writable buffer
|
||||||
* of length \c ctx->len Bytes. For example, \c 256 Bytes
|
* of length \c ctx->len Bytes. For example, \c 256 Bytes
|
||||||
* for an 2048-bit RSA modulus.
|
* for an 2048-bit RSA modulus.
|
||||||
@ -685,7 +687,8 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
|
|||||||
* \param label_len The length of the label in Bytes.
|
* \param label_len The length of the label in Bytes.
|
||||||
* \param ilen The length of the plaintext buffer \p input in Bytes.
|
* \param ilen The length of the plaintext buffer \p input in Bytes.
|
||||||
* \param input The input data to encrypt. This must be a readable
|
* \param input The input data to encrypt. This must be a readable
|
||||||
* buffer of size \p ilen Bytes. This must not be \c NULL.
|
* buffer of size \p ilen Bytes. It may be \c NULL if
|
||||||
|
* `ilen == 0`.
|
||||||
* \param output The output buffer. This must be a writable buffer
|
* \param output The output buffer. This must be a writable buffer
|
||||||
* of length \c ctx->len Bytes. For example, \c 256 Bytes
|
* of length \c ctx->len Bytes. For example, \c 256 Bytes
|
||||||
* for an 2048-bit RSA modulus.
|
* for an 2048-bit RSA modulus.
|
||||||
|
@ -1135,7 +1135,7 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx,
|
|||||||
RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE ||
|
RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE ||
|
||||||
mode == MBEDTLS_RSA_PUBLIC );
|
mode == MBEDTLS_RSA_PUBLIC );
|
||||||
RSA_VALIDATE_RET( output != NULL );
|
RSA_VALIDATE_RET( output != NULL );
|
||||||
RSA_VALIDATE_RET( input != NULL );
|
RSA_VALIDATE_RET( ilen == 0 || input != NULL );
|
||||||
RSA_VALIDATE_RET( label_len == 0 || label != NULL );
|
RSA_VALIDATE_RET( label_len == 0 || label != NULL );
|
||||||
|
|
||||||
if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 )
|
if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 )
|
||||||
@ -1218,7 +1218,7 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
|
|||||||
RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE ||
|
RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE ||
|
||||||
mode == MBEDTLS_RSA_PUBLIC );
|
mode == MBEDTLS_RSA_PUBLIC );
|
||||||
RSA_VALIDATE_RET( output != NULL );
|
RSA_VALIDATE_RET( output != NULL );
|
||||||
RSA_VALIDATE_RET( input != NULL );
|
RSA_VALIDATE_RET( ilen == 0 || input != NULL );
|
||||||
|
|
||||||
if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 )
|
if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 )
|
||||||
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
|
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
|
||||||
@ -1285,7 +1285,7 @@ int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx,
|
|||||||
RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE ||
|
RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE ||
|
||||||
mode == MBEDTLS_RSA_PUBLIC );
|
mode == MBEDTLS_RSA_PUBLIC );
|
||||||
RSA_VALIDATE_RET( output != NULL );
|
RSA_VALIDATE_RET( output != NULL );
|
||||||
RSA_VALIDATE_RET( input != NULL );
|
RSA_VALIDATE_RET( ilen == 0 || input != NULL );
|
||||||
|
|
||||||
switch( ctx->padding )
|
switch( ctx->padding )
|
||||||
{
|
{
|
||||||
|
Loading…
Reference in New Issue
Block a user